ClamavCVEs & Vulnerabilities
98 CVEs affecting Clamav products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
98 CVEs→ All vendors
Most Affected Products
clamav 1.470
CVE-2006-1615CRITICAL
Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly.
7 Apr 2006
10.0
CVSS
CVE-2005-3501MEDIUM
The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero length.
5 Nov 2005
4.3
CVSS